diff --git a/.env.template b/.env.template index ee78161973..70b1fd6cfc 100644 --- a/.env.template +++ b/.env.template @@ -77,11 +77,13 @@ # WEBSOCKET_PORT=3012 ## Enables push notifications (requires key and id from https://bitwarden.com/host) +## If you choose "European Union" Data Region, uncomment PUSH_RELAY_URI and PUSH_IDENTITY_URI then replace .com by .eu # PUSH_ENABLED=true # PUSH_INSTALLATION_ID=CHANGEME # PUSH_INSTALLATION_KEY=CHANGEME ## Don't change this unless you know what you're doing. # PUSH_RELAY_URI=https://push.bitwarden.com +# PUSH_IDENTITY_URI=https://identity.bitwarden.com ## Controls whether users are allowed to create Bitwarden Sends. ## This setting applies globally to all users. @@ -462,4 +464,4 @@ ## HaveIBeenPwned API Key, request it here: https://haveibeenpwned.com/API/Key # HIBP_API_KEY= -# vim: syntax=ini +# vim: syntax=ini \ No newline at end of file diff --git a/src/api/push.rs b/src/api/push.rs index 3b0a573bee..7497b2490c 100644 --- a/src/api/push.rs +++ b/src/api/push.rs @@ -50,7 +50,11 @@ async fn get_auth_push_token() -> ApiResult { ("client_secret", &client_secret), ]; - let res = match get_reqwest_client().post("https://identity.bitwarden.com/connect/token").form(¶ms).send().await + let res = match get_reqwest_client() + .post(&format!("{}/connect/token", CONFIG.push_identity_uri())) + .form(¶ms) + .send() + .await { Ok(r) => r, Err(e) => err!(format!("Error getting push token from bitwarden server: {e}")), diff --git a/src/config.rs b/src/config.rs index c182179888..116adc9804 100644 --- a/src/config.rs +++ b/src/config.rs @@ -380,8 +380,10 @@ make_config! { push { /// Enable push notifications push_enabled: bool, false, def, false; - /// Push relay base uri + /// Push relay uri push_relay_uri: String, false, def, "https://push.bitwarden.com".to_string(); + /// Push identity uri + push_identity_uri: String, false, def, "https://identity.bitwarden.com".to_string(); /// Installation id |> The installation id from https://bitwarden.com/host push_installation_id: Pass, false, def, String::new(); /// Installation key |> The installation key from https://bitwarden.com/host @@ -754,6 +756,26 @@ fn validate_config(cfg: &ConfigItems) -> Result<(), Error> { ) } + if cfg.push_enabled { + let push_relay_uri = cfg.push_relay_uri.to_lowercase(); + if !push_relay_uri.starts_with("https://") { + err!("`PUSH_RELAY_URI` must start with 'https://'.") + } + + if Url::parse(&push_relay_uri).is_err() { + err!("Invalid URL format for `PUSH_RELAY_URI`."); + } + + let push_identity_uri = cfg.push_identity_uri.to_lowercase(); + if !push_identity_uri.starts_with("https://") { + err!("`PUSH_IDENTITY_URI` must start with 'https://'.") + } + + if Url::parse(&push_identity_uri).is_err() { + err!("Invalid URL format for `PUSH_IDENTITY_URI`."); + } + } + const KNOWN_FLAGS: &[&str] = &["autofill-overlay", "autofill-v2", "browser-fileless-import", "fido2-vault-credentials"]; for flag in parse_experimental_client_feature_flags(&cfg.experimental_client_feature_flags).keys() {